RickJWagner writes "Once upon a time, I thought communication was one of my strong suits. Alas, a few years into my programming career I realized I'm more of the head-down codeslinging type, not one of the schmoozing managerial types. So when I have a point to make, I really like to have my data ready to do the talking for me. In that capacity, this book is a very good weapon to have in my arsenal." Read on for the rest of Rick's review.

wiredmikey writes with an update to the previously reported Epsilon breach: "It turns out that Kroger is only one of many customers affected by the breach at Epsilon, which sends over 40 billion emails annually and counts over 2,500 clients, including 7 of the Fortune 10, to build and host their customer databases. It has been confirmed that the customer names and email addresses, and in a few cases other pieces of information, were compromised at several major brands, a list which continues to grow ..." An anonymous reader points out that U.S. Bank is on the list of affected companies; I wonder how many more phishing attempts this will mean.

wiredmikey writes "The Rustock Botnet was sending as many as 13.82 billion spam emails each day before being taken down early this month by an effort headed by Microsoft in cooperation with authorities and the legal system. According to Symantec's March 2011 MessageLabs Intelligence Report, the Rustock botnet had been responsible for an average of 28.5% of global spam sent from all botnets in March. Following the takedown, when the Rustock botnet was no longer cranking out spam by the billions, global spam volumes fell by one-third. For reference, toward the end of 2010, Rustock had been responsible for as much as 47.5% of all spam, sending approximately 44.1 billion e-mails per day, according to MessageLabs stats. Since then, Bagle, a botnet that wasn't even on MessageLabs' top ten spam-sending botnets at the end of 2010, has taken over from Rustock as the most active spam-sending botnet this year."

RickJWagner writes "So you want to be an Android developer? If you're like me, you've probably been wanting to learn how to program a mobile device, but just haven't found the time to master Objective-C. So now that Android is here, all of us garden-variety Java coders can jump on the bandwagon and start slinging apps out, right? Well, it turns out there's a little more to it than that. This book can make the trail from everyday Java code slinger to best-selling Android app writer a little more plausible." Read below for the rest of Rick's review.

h4rm0ny writes "Microsoft, in cooperation with Federal agents, conducted what the Wall Street Journal described as 'sweeping legal attacks' as they entered facilities in Kansas City, Scranton, Pa, Denver, Dallas, Chicago, Seattle and Columbus, Ohio to seize alleged 'command and control' machines for the Rustock botnet — described as the largest source of spam in the world. The operation is intended to 'decapitate' the botnet, preventing the seized machines from sending orders to suborned PCs around the world."

One can only imagine how enraged the Kinect would have been if it found out he had broken the ToS.

wiredmikey sends this quote from Security Week: "Today's tragic events of the 8.9 magnitude earthquake and resulting tsunami, as sad as it is, is a dream for scammers and fraudsters around the world. Tragic events are always something scammers use to their advantage, helping them prey on and exploit innocent victims. Scams are already spreading across Facebook, which started in a matter of minutes after the news broke of the earthquake in Japan. As I write this, scammers are hard at work, registering new domains and cranking out templates for their fake donation sites. This will be followed with massive volumes of email spam, Tweets through Twitter, and Facebook posts, as scammers gear up to solicit donations from around the world." As coverage of the earthquake and resulting tsunami has proceeded, collections of videos and pictures are showing the extent of the devastation. The NY Times makes the excellent point that things could have been much worse if not for building codes and quake-resistant engineering. A state of emergency was declared at one of Japan's nuclear plants, after the earthquake caused cooling problems at one of the reactors. No radiation leakage has been reported, and the US Air Force has helped by delivering coolant by air.

brothke writes "One can sum up all of Social Engineering: The Art of Human Hacking in two sentences from page 297, where author Christopher Hadnagy writes 'tools are an important aspect of social engineering, but they do not make the social engineer. A tool alone is useless; but the knowledge of how to leverage and utilize that tool is invaluable.' Far too many people think that information security and data protection is simply about running tools, without understanding how to use them. In this tremendous book, Hadnagy shows how crucial the human element is within information security." Keep reading for the rest of Ben's review.

www.sorehands.com writes "While one spammer, Robert Soloway, gets released on probation, the Feds send another, Robert Smoley, to the slammer for 40 months. I know about Smoley because I tracked him down, and beat him in court. Not only was he an attorney, he still has not lost his license, yet. The IRS contacted me as a result of seeing my web site, and I gladly assisted the IRS in tracking his business. He not only bounced a check on me, but stiffed his local counsel and one of his ISPs."

jfruhlinger writes "Looking to solve the problems of spam, phishing, and unconfirmed email identities, Germany is betting very, very big. The country will pass a law this month creating 'De-mail,' a service in which all messages will be encrypted and digitally signed so they cannot be intercepted or modified in transit. Businesses and individuals wanting to send or receive De-mail messages will have to prove their real-world identity and associate that with a new De-mail address from a government-approved service provider. The service will be enabled by a new law that the government expects will be in force by the end of this month. It will allow service providers to charge for sending messages if they wish. The service is voluntary, but will it give the government too much control?"

An anonymous reader writes "Brian Krebs has posted a deep dive through more than a year worth of emails leaked from ChronoPay, Russia's largest online credit card processor. The ... evidence indicates that ChronoPay executives created scareware companies from the ground up, paying for everything from their domain name registration to virtual hosting, to setting up the front companies and associated bank accounts and the 1-800 support lines for entire scareware operations that typically netted the company millions in revenue for each scam."

dmmiller2k writes "Apparently, after 'nearly four years in prison, the man dubbed the 'Spam King' by federal prosecutors, is allowed back online.' I wonder if there's some variation of Megan's Law requiring him to register with the local police department and notify all his neighbors with computers?" I sure hope any potential employers google "Robert Soloway" and find "Spam king" high on the results list.

angry tapir writes "It's been a few years coming, but it looks like China may finally be getting a handle on its spam problem. Once the largest source of the world's spam, China has been gradually fading off the list of the world's top spam-producers. Right now Cisco Systems' IronPort group ranks it at number 18 in terms of spam-producing countries. That's a big drop from two years ago, when it consistently ranked in the top five."

softegg writes "My company hosts our own mail server. We have high-speed business connections through Verizon and Comcast. Recently, Verizon and Comcast have been blocking port 25, causing our private mail server to stop functioning. Additionally, a lot of ISPs just started blocking any mail coming from any IP in the address block of cable modems. This caused us to start laundering our mail through a third-party service called DNSExit. Now, McAfee's MAPS anti-spam system tells us they are blocking DNSExit for spam. Essentially, we are finding ourselves increasingly cut off from sending any outgoing mail. What is a small company supposed to do if you want to host your own mail?"

RedEaredSlider writes "Aimed at stripping search results of pages from 'low-quality' sites, a new Google Chrome extension allows users to block specified websites from appearing in search results. The names of these sites are then sent to Google, which will study the collected results and use them to determine future page ranking systems. Google principal engineer Matt Cutts wrote in a post on the Google blog that the company hopes the extension will improve the quality of search results. The company has been the target of criticism in recent months, much of which centered around the effect that content farms were having on searches."

Famous shoe designer Kenneth Cole stuck his fabulously shod foot into his mouth by tweeting, "Millions are in uproar in #Cairo. Rumor is they heard our new spring collection is now available online..." After an uproar from people who don't think revolution jokes are funny, he issued the following tweet: "we weren't intending to make light of a serious situation. We understand the sensitivity of this historic moment."

suraj.sun writes with this excerpt from CNET: "Today, Hotmail is getting a new feature aimed at 'e-mail enthusiasts,' which lets anyone create multiple e-mail accounts that can be read, replied to, and managed from their everyday e-mail inbox. These additional e-mail addresses can be had in the same manner as signing up for new accounts, but they require no extra log-ins or upkeep. ... The idea is to give users a safe way to provide third parties with an e-mail address, without giving up the address they've provided to family and friends, which, if compromised, can end the usefulness of that particular account. Each user will be able to create up to five aliases, any of which can be deleted and replaced with another at any time. Over time, Microsoft will increase that limit to 15 aliases per account, making it so that the true heavy users won't need to juggle between two or more Hotmail accounts."

wiredmikey writes "Despite spam levels being at their lowest since March 2009, metrics released by the APWG indicate that cybercriminals are cultivating an array of alternative attack schemes, and in particular, increasing attacks on the online classified services sector with phishing attacks. Though the online payment services sector remained the most targeted industry with 38 percent of detected attacks in Q2, the classified ads services sector experienced rapid growth in phishing attacks."

An anonymous reader writes "Facebook has been awarded $360,500,000 in damages against spammer Philip Porembski, who phished the login details of at least 116,000 Facebook users and sent more than 7.2 million spam messages to victims' online friends. Facebook claimed it received more than 8,000 complaints from users as a result of the spam campaign, and more than 4,500 users had deactivated their accounts."

Hugh Pickens writes "A suicide bomber's plan to detonate explosives in Central Moscow on New Year's Eve was foiled when she received an unexpected spam text message that caused her deadly payload to blow up too early. A message wishing her a happy new year came hours before the unnamed woman was to set off her suicide belt near Red Square, an act of terrorism that could have killed hundreds of people. Islamist terrorists in Russia often use mobile phones as detonators. The bomber's handler, who is usually watching his charge, sends the bomber a text message to set off the explosive belt at the moment when it is thought they can inflict maximum casualties."